The number of websites being hacked to in Africa has been increasing at an alarming rate. The question that everyone is asking themselves is; where has Africa gone wrong when it comes to cyber security? This trend very worrying, since most transactions are now moving onto online platforms.
In the recent past, East and Central Africa in particular has witnessed constant hackings, especially by a group calling itself The Rwandan Hackers. This group has been able to hack into major sites including the website of The East African Standard, a leading media house in East Africa based out of Kenya where they published about 1000 usernames, emails and encrypted passwords of users. Over 103 Government of Kenya websites were hacked into overnight.
Talking to HumanIPO, Mathew Wambua, a security expert at Isols Kenya said, “Most hackers use the SQL injection technique, where weakness in the page codes are analyzed, and exploited. The hackers then insert their own code and execute it from the site’s database, giving them an illegal access.” Once they access the site, the hackers can do anything they please, including posting messages that tend to identify them.
“The recent (Kenyan) government sites that were hacked could not have happened had more security features been incorporated. One major weakness was hosting them on one server, that allowed the hackers multiple access to all the sites ones they gained entry.” Mathew Added.
This trend has captured the attention of major stake holders across all sectors, especially the banking industry that has been experiencing a lot of cyber crime, most of which are perpetrated by the workers themselves, who discover the weakness in the Banking systems. It is for this reason that there will be a major banking cyber security conference set for March 23 in Kigali, Rwanda, set to highlight key IT security threats, fraud, risk and regulatory issues affecting financial institutions.
“Unless Africa and the rest of the world embrace modern security developments in the world, hackers will continue to enjoy the satisfaction and attention they get when they access our systems.” Mathew added.
What organizations, more so government institutions and financial institutions should be more concerned about is the privacy of the users, whose sensitive information is preserved in their databases.
